By far the worst things are Android phone applications (not only the official FB app). They have their spyware bundled and can slurp from you the data which is normally inaccessible to a web browser, from phone number, IMEI and mail addresses to all your contacts, and there is almost nothing you can do except installing a VPN-based firewall (like NetGuard), blocking all access and adding permissions one by one for each URL. This should just be illegal.
From your friends :) Or you will allow it, to use it. On the other side you can at least control that the common advertisers won't get it (like FB). For everything else get root and Xposed + XPrivacy. But for most users that is too much. I just gave the easiest advice. I am running microG Lineage, XPrivacyLua and NetGuard. But I wonder, was this advice worth the letters used? ;) Will someone go through the trouble to use it? To replace the ROM, install everything, run everything in block mode and allow only what is really needed, like the connection to my own mail server? My own SSH tunnel? Probably not. And then comes the master villain, Google. How many will remove that one from the phone? Waste of words, right?
Anyway, even NetGuard is far better than nothing; most apps don't need their own servers. And the largest data slurpers are known. For FB just block all FB domains.